Future Proof Your SysAdmin Career - Linux Foundation


Future Proof YourSysAdmin CareerA sysadmin’s guide to essentialskills for advancing your careerBy Sam Dean and The Linux Foundation Training StaffLicense information: This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License (CC-BY-SA 4.0).

ContentsChapter 1: Essential Skills for SysAdmins: An Introduction 1Chapter 2: New Networking Essentials 6Chapter 3: Locking Down Security 11Chapter 4: Looking to the Cloud 16Chapter 5: Configuration and Automation 21Chapter 6: Embracing DevOps 25Chapter 7: Getting Certified 29Chapter 8: Communication and Collaboration 33Chapter 9: Advancing with Open Source 37

1Essential Skillsfor SysAdmins:An Introduction1

Future Proof Your SysAdmin CareerAs the technology industry evolves, today’s system administratorsneed command of an ever-expanding array of technical skills.However, many experts agree that skills like effective communicationand collaboration are just as important. With that in mind, in thisebook we are highlighting essential skills for sysadmins to staycompetitive in the job market. These chapters will delve intoimportant technical requirements as well as non-technical skills thathiring managers see as crucial.Linux.com has published several lists highlighting important skills forsysadmins. These lists correctly balance generalized skills like problemsolving and collaboration with technical skills such as experience withsecurity tools and network administration.Today, sysadmins also need command of configuration management toolssuch as Puppet, cloud computing platforms such as OpenStack, and,in some cases, emerging data center administration platforms such asMesosphere’s Data Center Operating System. Facility with open sourcetools is also a key differentiator for many sysadmins.As Dice data scientist Yuri Bykov has noted, “Like many other techpositions, the role of the system administrator has evolved significantlyover time due, in large part, to the shift from on-premise data centers tomore cloud-based infrastructure and open source technologies. Whilesome of the core responsibilities of a system administrator have notchanged, the expectations and needs from employers have.”Additionally, “as businesses have begun relying more upon open sourcesolutions to support their business needs, the sysadmin role has evolved,with employers looking for individuals with cloud computing and networking2

Future Proof Your SysAdmin Careerexperience and a strong working knowledge of configuration managementtools.The future job outlook for system administrators looks promising, withcurrent BLS (U.S. Bureau of Labor Statistics) research indicating employment forthese professionals is expected to grow 8 percent from 2014 to 2024,” Bykov said.Current BLS research indicates employment forsystem administrators is expected to grow8%from 2014to 2024Experience with emerging cloud infrastructure tools and open sourcetechnologies can also make a substantial compensation difference forsysadmins. According to a salary study from Puppet, “Sysadmins aren’tmaking as much as their peers. The most common salary range forsysadmins in the United States is 75,000- 100,000, while the four othermost common practitioner titles (systems developer/engineer, DevOpsengineer, software developer/engineer, and architect) are most likely toearn 100,000– 125,000.”Sysadmins who have experience with OpenStack and Linux can also farebetter in the hiring and salary pool. Fifty-one percent of surveyed hiringmanagers said that knowledge of cloud platforms has a big impact on opensource hiring decisions, according to the 2016 Linux Foundation/Dice OpenSource Jobs Report. There is also healthy hiring demand for sysadmins,with 48 percent of respondents in the same study reporting that they areactively looking for sysadmins.51%of surveyed hiring managers said thatknowledge of cloud platforms has a big impacton open source hiring decisions.- 2016 Linux Foundation/Dice Open Source Jobs Report.3

Future Proof Your SysAdmin CareerThe fact that fluency with Linux can make a big difference for sysadminsshould come as no surprise. After all, Linux is the foundation for manyservers and cloud deployments, as well as mobile devices. Several salarystudies have shown that Linux-savvy sysadmins are better compensatedthan others.3 OPEN SOURCE SKILLS for SysAdminsCloud Computing51% of hiring managersrank it as the mostimportant open source skillNetwork Management & SecurityKnowledge of fundamentalsas well as networkingsecurity experienceConfigurationManagement ToolsPuppet, Chef, Ansibleand SaltStackIn this ebook, we will look at the essential skills sysadmins need to stayrelevant and competitive in the job market, well into the future. These include: Networking essentialsCloud infrastructureSecurity and authenticationConfiguration and automationDevOpsProfessional certificationCommunication and collaborationOpen source participationAs we delve into these topics, we’ll keep three guiding principles in mind: Successful sysadmins are actively moving up the technologystack with their skillsets and embracing open source as rapidlyas organizations are doing so. Training for sysadmins is more readily available than ever—ranging from instructor-led courses to online, on-demandcourses that allow the student to set the pace.4

Future Proof Your SysAdmin Career Sysadmins have an increasingly crucial role in keepingorganizations performing at their best.Read on as we highlight the changing requirements and opportunities foradvancing your system administration career.5


Future Proof Your SysAdmin CareerIn this ebook we are looking at some important considerationsfor sysadmins who want to expand their skills and advance theircareers. In this chapter, we’ll focus on one of the fundamental skillsthat every sysadmin needs to master: networking.Networking is a complicated but essential core competency forsysadmins. A good sysadmin understands: How users connect to a network, including managing remoteconnections via a Virtual Private Network (VPN) How users authenticate to a network, ranging from standardtwo-factor authentication, to custom authentication requirements How switching, routing and internetworking work Software-Defined Networking (SDN) End-to-end protocols Network securityFundamentalsTCP/IP (Transmission Control Protocol/Internet Protocol) forms the basis of howdevices connect to and interface with the Internet. Sysadmins understandhow TCP/IP packets address, route, and deliver data across a network.A good sysadmin also knows how domain name servers (DNS) and resourcerecords work, including understanding nameservers. They typically arefluent with DNS query tools such as dig and nslookup, as well topics suchas sender policy framework and NOTIFY.7

Future Proof Your SysAdmin CareerWith large-scale security threats“.there is now acontinuing to emerge, there is now apremium on experiencepremium on experience with networkwith network securitysecurity tools and practices. Thatmeans understanding everything from tools and practices.”the Open Systems Interconnect (OSI)model to devices and protocols that facilitate communication across anetwork. Locking down security also means understanding the infrastructureof a network. Securing a network requires competency with routers,firewalls,VPNs, end-user systems, server security, and virtual machines.Additionally, knowledge of a platform like OpenStack can effectivelyexpand any sysadmin’s networking clout, because OpenStack,CloudStack, and other cloud platforms essentially expand the perimeterof what we think of as “the network.”Likewise, the basics of software-defined networking (SDN) are increasinglyimportant for sysadmins to understand. SDN permits admins to programmaticallyinitialize, control, and manage network behavior dynamically through openinterfaces and abstractions of lower-level functionality. This, too, is a categorywhere familiarity with leading open source tools can be a big differentiatorfor sysadmins. OpenDaylight, a project at The Linux Foundation, is an open,programmable, software-defined networking platform worth studying, andOpenContrail and ONOS are also on the rise in this space.Additionally, many smart sysadmins are working with open configurationmanagement tools such as Chef and Puppet. Julian Dunn, a productmanager at Chef, writes: “System administrators have got to stop thinking ofservers/disk/memory/whatever as ‘their resources’ that ‘they manage.’DevOps isn’t just some buzzword concept that someone has thought upto make sysadmins’ lives hell. It’s the natural evolution of both professions.”See our list of relevant, open configuration management tools here.8

Future Proof Your SysAdmin CareerTraining coursesFor sysadmins who want to learn more about networking, the good newsis that training in this area is very accessible and, in some cases, free.Furthermore, excellent free and open source administration and configurationtools are available to help boostany sysadmin’s networkingTRAINING OPTIONSefficiency.for Linux SysAdminsTraining options for Linuxfocused sysadmins include avariety of networking courses.For sysadmins, CompTIA Linux offers solid training options, asdoes the Linux ProfessionalInstitute. The Linux FoundationCertified System Administrator(LFCS) course is another goodchoice. The Linux Foundationoffers the LFS201 basic courseand LFCS exam. Many vendorsin the Linux arena also offernetworking-focused trainingand certification for sysadmins,including Red Hat.It’s also worth checking outO’Reilly’s Networking forSysadmins video trainingoptions. These videos coverTCP/IP basics, OSI, and all theessential components withina network’s infrastructure,ranging from firewalls to VPNsto routers and virtual machines.9

Future Proof Your SysAdmin CareerThe information is comprehensive, with some of the individual videosrequiring a full day to complete and digest. Additionally, the curriculumis available on demand, so it can be used as reference material fornetworking essentials.Additionally, Lynda.com offers an array of online network administrationcourses taught by experts. Sysadmins can quickly get through coursessuch as Linux File Sharing Services and Identity and Access Management.Even as sysadmins focus on moving up the technology stack withtheir skillsets, networking basics remain essential. Fortunately, trainingand education are more accessible than ever. In Chapter 3, we’ll lookat important security requirements to consider when advancing yoursysadmin career.10

3Locking DownSecurity11

Future Proof Your SysAdmin CareerFor today’s system administrators, gaining competencies that movethem up the technology stack and broaden their skillsets is increasinglyimportant. However, core skills like networking remain just as crucial.In this chapter, we’ll focus on another core skill: security.With ever more impactful security threats emerging, the demand for fluencywith network security tools and practices is increasing for sysadmins. Thatmeans understanding everything from the Open Systems Interconnect (OSI)model to devices and protocols that facilitate communication across a network.Locking down systems also means understanding the infrastructureof a network, which may or may not be Linux-based. In fact, many oftoday’s sysadmins serve heterogeneous technology environments wheremultiple operating systems are running. Securing a network requirescompetency with routers, firewalls, VPNs, end-user systems, serversecurity, and virtual machines.TOP SECURITY SKILLS for Open Source ProsNetwork SecurityFirewalls, VPN, CheckPoint,IPS, Python and Apache PigInformation SecurityVulnerability and riskmanagement tools (NIST) andintrusion detection systemsNetwork andWeb-Related ProtocolsTCP/IP, routing, firewalls, etc.Securing systems and networks calls for varying skillsets dependingon platform infrastructure, as is clear if you spend just a few minutesperusing, say, a Fedora security guide or the Securing Debian Manual.12

Future Proof Your SysAdmin CareerHowever, there are good resources that sysadmins can leverage to learnfundamental security skills.For example, The Linux Foundation has published a Linux workstationsecurity checklist that covers a lot of good ground. It’s aimed atsysadmins and includes discussion of tools that can thwart attacks.These include SecureBoot and Trusted Platform Module (TPM). For Linuxsysadmins, the checklist is comprehensive.The widespread use of cloud platforms such as OpenStack is also introducingnew requirements for sysadmins. According to The Linux Foundation’sGuide to the Open Cloud: “Security is still a top concern among companiesconsidering moving workloads to the public cloud, according to Gartner,despite a strong track record of security and increased transparency fromcloud providers. Rather, security is still an issue largely due to companies’inexperience and improper use of cloud services,” and a sysadmin withdeeply entrenched cloud skills can be a valuable asset.Most operating systems and widely used Linux distributions feature timelyand trusted security updates, and part of a good sysadmin’s job is to keepup with these. Many organizations and administrators shun spin-off and“community rebuilt” platform infrastructure tools because they don’t havethe same level of trusted updating.Network challengesNetworks, of course, present their own security challenges. The smallestholes in implementation of routers, firewalls, VPNs, and virtual machinescan leave room for big security problems. Most organizations are strategicabout combating malware, viruses, denial-of-service attacks, and othertypes of hacks, and good sysadmins should study the tools deployed.Freely available security and monitoring tools can also go a long way towardavoiding problems. Here are a few good tools for sysadmins to know about:13

Future Proof Your SysAdmin CareerFor a lot of these tools, sysadmins can pick up skills by leveraging free onlinetutorials. For example, there is a whole tutorial series for Metasploit, andthere are video tutorials for Wireshark.Wireshark, apacket analyzer forsysadminsKeePass PasswordSafe, a free opensource passwordmanagerMalwarebytes, afree anti-malwareand antivirus toolNMAP, a powerfulsecurity scannerNIKTO, an opensource web serverscannerAnsible, a tool forautomating secure ITprovisioningMetasploit, a tool forunderstanding attackvectors and doingpenetration testingAlso on the topic of free resources,we’ve previously covered a freeebook from the editors at TheNew Stack called Networking,Security & Storage with Docker& Containers. It covers thelatest approaches to securecontainer networking, as wellas native efforts by Docker tocreate efficient and securenetworking practices. The ebookis loaded with best practices forlocking down security at scale.Training and certification, ofcourse, can make a huge differencefor sysadmins as we discussedin “7 Steps to Start Your LinuxSysadmin Career.”For Linux-focused sysadmins,The Linux Foundation’s LinuxSecurity Fundamentals (LFS216)is a great online course forgaining well-rounded skills. Theclass starts with an overviewof security and covers howsecurity affects everyone inthe chain of development,implementation, andadministration, as well as end14

Future Proof Your SysAdmin Careerusers. The self-paced course covers a wide range of Linux distributions,so you can apply the concepts across distributions. The Foundation offersother training and certification options, several of which cover securitytopics. For example, LFS201 Essentials of Linux System Administrationincludes security training.Also note that CompTIA Linux incorporates security into training options,as does the Linux Professional Institute. Technology vendors offer somegood choices as well; for example, Red Hat offers sysadmin trainingoptions that incorporate security fundamentals. Meanwhile, Mirantis offersthree-day “bootcamp” training options that can help sysadmins keep anOpenStack deployment secure and optimized.In the 2016 Linux Foundation/Dice Open Source Jobs Report, 48 percentof respondents reported that they are actively looking for sysadmins. Jobpostings abound on online recruitment sites, and online forums remaina good way for sysadmins to learn from each other and discover jobprospects. So the market remains healthy, but the key for sysadmins is togain differentiated types of skillsets. Mastering hardened security is surelya differentiator, and so is moving up the technology stack—which we willcover in the next chapters.15

4Looking to theCloud16

Future Proof Your SysAdmin CareerSysadmins will always need core competencies such as networkingand security, but increasingly, they can differentiate themselvesby mastering new platforms and tools. In today’s environment,experience with open cloud computing platforms such as OpenStackcan make a huge difference for a sysadmin.The cloud advantageExperience with emerging cloud infrastructure tools and open sourcetechnologies can make a substantial compensation difference forsysadmins. According to a salary study from Puppet, “Sysadmins aren’tmaking as much as their peers. The most common salary range forsysadmins in the United States is 75,000- 100,000, while the four othermost common practitioner titles (systems developer/engineer, DevOpsengineer, software developer/engineer, and architect) are most likely toearn 100,000– 125,000.”If you search recruitment sites for sysadmin positions that demand cloudskills, opportunities abound. There are many positions that require strongcloud monitoring skills, and jobs that demand facility with both open sourceand popular public cloud platforms.Certification also makes adifference. The value of cloudcentric certification is being drivenby shortages in the number ofskilled cloud-skilled professionals.CEB, a company focused on bestpractices in technology, recently“Experience with emergingcloud infrastructuretools and open sourcetechnologies can make asubstantial compensationdifference for sysadmins.”17

Future Proof Your SysAdmin Careerprovided Forbes with the results of a database dive on cloud computinghiring trends. It found shortages in expertise surrounding many cloudcomputing platforms, and it also called out a strong job market for skilledprofessionals. In fact, 124,300 was the median advertised salary forcloud computing professionals in 2016, according to the database. 124,000The medianadvertised salaryfor cloud computingprofessionals in2016.Source: CEBSome sysadmins are blogging about their experiences in addingOpenStack skills to their arsenals. For example, Michalis Giannos, writingfor Stackmasters, said, “As an old-school system administrator, whatimpressed me about OpenStack is that it extends resource managementover to storage and network — that is, going beyond the CPU and memorymanagement options that you get with the typical virtual machine offerings.Having a unified view of your computing resources utilization, and havingthe ability to manage it from a single place is a very powerful feature. Andit’s especially mind blowing, even to an old hat like me, raised up on the CLI,that you can access all that power from an easy to use web-based UI.”Giannos also said, “The ease of creating images and customized flavorsof your virtual machines allows you to deploy a new server in minuteswithout having to repeat trivial configurations all over again. Heck, you canliterally create an HTTP Load Balancer AND the back-end service farm forit in just a few minutes.”Indeed, OpenStack, CloudStack, Nextcloud, and some other open cloudplatforms automate and streamline many tasks that old school sysadminsmay be most familiar with. With all of this in mind, providing cloud platformtraining aimed directly at sysadmins is on the radar at technology vendorsfocused on the cloud and at independent training organizations.18

Future Proof Your SysAdmin CareerThe Linux differenceFluency with Linux can make a big difference for sysadmins, whichshould be no surprise. Several salary studies have shown that Linuxsavvy sysadmins are better compensated than others. With that in mind,note that Linux is the bedrock for the majority of cloud deployments,according to The OpenStack Foundation.This leads to a multi-faceted career path that many sysadmins can taketo differentiate themselves from the pack. In fact, Tom’s IT Pro has calledthis path “the triple threat career path to IT success.” Specifically, itinvolves obtaining certification as a Linux-savvy sysadmin, as a projectmanager, and as a cloud administrator.Training options for Linux-focused sysadmins are expanding accordingly.For professional certification, CompTIA Linux is an option, as arecertifications from Linux Professional Institute. The Linux Foundation’sLinux Foundation Certified System Administrator (LFCS) training andcertification is another good choice.Earning the title of Red Hat Certified System Administrator in Red HatOpenStack demonstrates that you have the skills needed to create,configure, and manage private clouds using Red Hat OpenStackPlatform. Red Hat’s training for this certification covers configuring andmanaging images, adding compute nodes, and managing storage usingSwift and Cinder.Mirantis and other vendors also offer certified OpenStack administratorcurriculum. The Linux Foundation offers an OpenStack AdministrationFundamentals course, which serves as preparation for certification. Thecourse is available bundled with the COA exam, enabling students tolearn the skills they need to work as an OpenStack-skilled administratorand get the certification to prove it. A unique feature of the course isthat it provides each participant with a live OpenStack lab environment19

Future Proof Your SysAdmin Careerthat can be rebooted at any time. Customers also have access to thecourse and the lab environment for a full 12 months after purchase. Likethe exam, the course is available anytime, anywhere. It is online and selfpaced — definitely worth looking into.The OpenStack Foundation works directly with The Linux Foundationto make the Certified OpenStack Administrator (COA) exam available,and getting certified is a rock solid credential for many sysadmins. TheGuide to the Open Cloud 2016 from The Linux Foundation also includesa comprehensive look at other cloud platforms and tools that manysysadmins would be wise to pick up skills for, including tools that orbit theopen cloud ecosystem.Clearly, sysadmins interested in adding meaningful skills and credentialsto their arsenals shouldn’t ignore the cloud. Training and certificationopportunities are proliferating, and widespread skills shortages are welldocumented. In the next chapter, we’ll take a closer look at configurationand automation.20


Future Proof Your SysAdmin CareerSystem administrators looking to differentiate themselves fromthe pack are increasingly getting cloud computing certificationor picking up skills with configuration management tools. FromPuppet to Chef to Ansible, powerful configuration managementtools can arm sysadmins with new skills such as cloud provisioning,application monitoring and management, and countless types ofautomation.TOP 3 DevOps SkillsConfigurationManagement ToolsChef, Puppet & AnsibleCloud ComputingOpenStackProgrammingLanguagesRuby, Python, Java & PerlConfiguration management platforms and tools have converged directlywith the world of open source. In fact, several of the best tools are fullyfree and open source. From server orchestration to securely deliveringhigh-availability applications, open source tools such as Chef and Puppetcan bring organizations enormous efficiency boosts.The prevalence of cloud computing, and the open platforms thatfacilitate it, have contributed to the benefits organizations can reap fromconfiguration management tools. Cloud platforms allow teams to deployand maintain applications serving thousands of users, and the leadingopen source configuration management tools have integrated ways toautomate all relevant processes.22

Future Proof Your SysAdmin CareerWhen many people envision a“.automated provisioningsysadmin in action, they imagineand configuration canan interaction with an end user.result in time savings andHowever, as organizations moveto the cloud and heterogeneousreduce human error.”technology infrastructureenvironments, many sysadmins need to expand their skills. Today,automation of tasks and application delivery are big themes. Among otherbenefits, automated provisioning and configuration can result in timesavings and reduce human error.Tools for the taskPuppet and Chef are both open configuration management tools that canautomate many common tasks. As noted in an UpGuard blog post, “Itis frequently stated that Puppet is a tool that was built with sysadmins inmind. The learning curve is less imposing due to Puppet being primarilymodel driven. Getting your head around JSON data structures in Puppetmanifests is far less daunting to a sysadmin who has spent their life at thecommand line than ruby syntax is.”Puppet can automate many sysadmin tasks, including deploying newmachines, pushing changes out to existing systems, and performingverification checks. Chef, however, is noted for providing a great dealof power and flexibility. It automates the management of systems in thecloud, on-premises, or in a hybrid environment.So, how can sysadmins gain familiarity with these tools? Puppet andChef have commercial enterprises behind them, and flexible trainingoptions are available. For example, if you just want to take Puppet for atest drive within a virtual machine, you can do so here; instructor-led andonline training options are detailed there as well. You can chart a learningroadmap for Puppet here.23

Future Proof Your SysAdmin CareerRed Hat and other vendors also offer training options for Puppet as usedin a standard operational environment or in a cloud environment. Red Hatalso offers training for Ansible, and the curriculum is specifically gearedtoward sysadmins who need to automate, configure, and manage systemsand processes. In-person or online training options for Chef can be foundhere, and you can sample some of the online tutorials here.The Linux Foundation’s “Guide to the Open Cloud: Current Trends andOpen Source Projects” includes a comprehensive section on configurationmanagement tools, and you can find out more and visit some relevantopen source project repositories here.Sysadmins who add cloud and configuration management skills to theirtoolkits are keeping pace with rapidly changing technology environments.These aren’t the only ways to expand your skills, though. In the nextchapter, we will look at the importance of DevOps.24


Future Proof Your SysAdmin CareerSysadmins are increasingly looking to expand their skillsets andcarve out new opportunities. With that in mind, many sysadmins arelooking to the world of DevOps. At lots of organizations, DevOpshas emerged as the most effective method for application delivery,including in the cloud.One of the drivers of the DevOps“The line between hardwaremovement is that organizationsand software is blurrier thansimply have limits on the numberof IT staffers, sysadmins, andit used to be.”developers that they can employ.Cross-pollination of traditional skillsets makes good business sense. And,as Jeff Cogswell has noted, “The line between hardware and software isblurrier than it used to be.”Cogswell also laid out a good recipe for what specific skills to master inorder to meet DevOps goals:DEVOPS SKILLS to MasterVirtualizationEmerging OpenCloud ent Tools Learn what virtualization is and how, through software alone,you can provision a virtual computer and install an operatingsystem and a software stack.26

Future Proof Your SysAdmin Career Study emerging open source platforms and frameworks, suchas OpenStack. Learn network virtualization. Learn to use configuration management tools, such as Puppetand Chef.All of these pursuits can help sysadmins appeal to organizationslooking to create more collaborative and efficient working environments.Additionally, as mentioned earlier, fluency and facility with emerging cloud,virtualization, and configuration management tools can make a substantialcompensation difference for sysadmins.Training optionsSysadmins interested in becoming more fluent with DevOps skills andpractices can start by exploring Dice’s Skills Center. A look there makes itclear that skillsets surrounding configuration management tools, containers,and open platforms are much in demand. Savvy sysadmins can combineexisting competencies with these skillsets and move the needle.Flexible training options are available for these tools. For example, if youjust want to take Puppet for a test drive within a virtual machine, you cando so here, or there are instructor-led and online training options detailedon the same page. For example, you can chart a learning roadmap forPuppet, find in-person or online training options for Chef, or sample someof the available online tutorials.A great way to learn more about cloud skills is to open an account onAmazon Web Services and work with EC2 technology. OpenStacktraining options also abound. The Linux Foundation, for example, offersan OpenStack Administration Fundamentals course, which serves aspreparation for certification. The course is available bundled with theCOA exam, enabling students to learn the skills they need to work as anOpenStack-skilled administrator and get the certification to prove it.27

Future Proof Your SysAdmin CareerThe Guide to the Open Cloud 2016 from The Linux Foundation alsoincludes a comprehensive look at other cloud platforms and tools thatmany sysadmins would be wise to pick up. Mirant

Training options for Linux-focused sysadmins include a variety of networking courses. For sysadmins, CompTIA Linux offers solid training options, as does the Linux Professional Institute. The Linux Foundation Certified System Administrator (LFCS) course is another good choice. The Linux